You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Andres Aguado <an...@gmail.com> on 2012/02/16 15:31:37 UTC
[users@httpd] Reverse proxy problem
Hi all, i'd like to expose my problem because i'm going crazy, and if
anyone could help me it'll be very appreciated.
Well, I've an apache 2.2 server over win2k8, and i want to configure
it as reverse proxy to send request to backend Websphere server
So, my httpd.conf file is written like this:
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\htdocs\my_example"
ServerName www.my_example.es:80
ServerRoot "C:\Program Files (x86)\Apache Software Foundation\Apache2.2"
DirectoryIndex index.html
Redirect / https://www.my_example.es:8443
ErrorLog "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\logs\error.log"
TransferLog "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\logs\access.log"
ProxyRequests Off
</VirtualHost>
And i've configured virtual host on 8443 in httpd-ssl.conf like this:
<VirtualHost _default_:8443>
DocumentRoot "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\htdocs\my_example"
DirectoryIndex index2.html
ServerName www.my_example.es:8443
ServerAdmin admin@my_example.es
ErrorLog "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\logs\error.log"
TransferLog "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\logs\access.log"
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://192.168.112.57
ProxyPassReverse / https://192.168.112.57
</VirtualHost>
Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
But this configuration is not working.
If i comment both proxypass sentences and try, it connects to local
index.html page, but if i enable proxypass sentences, it tries to
connect, typical website certificate error (continue to this site)
appears in iexplorer and internal server error page is displayed.
Could anyone help me please?
Thank you very much
Andres
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Well, after looking for, copying/pasting, testing, changing and
looking for again, it seems that my problem was that i needed to add
the following line into my virtual host:443
SSLProxyEngine on
Now it's working
Thanks all for your responses, your help and your patient
Regards,
Andres
2012/2/20 Andres Aguado <an...@gmail.com>:
> Yes, into httpd-ssl.conf
>
> # Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
> # Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
> #
> Listen 8443
>
>
>
> 2012/2/20 Igor Cicimov <ic...@gmail.com>:
>> Do you have
>> Listen 8443
>> at all in your config?
>>
>> On Feb 20, 2012 10:28 PM, "Andres Aguado" <an...@gmail.com> wrote:
>>>
>>> mmmmm, i've configured on other machine, other apache 2.2 as reverse
>>> proxy and i've forwarded request to https://www.ingdirect.es, and the
>>> error is the same
>>>
>>> This is a very strange cuestion but, do you know if these
>>> configurations should work?, is it necessary to make any strange
>>> configuration?
>>>
>>> Regards
>>> Andres
>>>
>>> 2012/2/20 Andres Aguado <an...@gmail.com>:
>>> > Hi again. Here we are again
>>> >
>>> > Sorry, but I don't understand that dns error, because i'm connecting
>>> > to ip interface. I'm not connecting to dns name to simplify the issue.
>>> > And i can connect from proxy to backend ok to https port. the problem
>>> > seems to be when virtual host "proxypass" the request, because i can
>>> > connect from another machine to https://192.168.112.57 too
>>> >
>>> > Jeff, I've changed proxypass and proxypassreverse sentences adding / a
>>> > the end but it's not working.
>>> >
>>> > Arrrrrrrrrrrrrrrrrrgggggggggg, I can't believe this configuration is
>>> > so difficult. It looked easy when i started it!
>>> >
>>> > 2012/2/17 Jeff Trawick <tr...@gmail.com>:
>>> >> On Fri, Feb 17, 2012 at 10:28 AM, Igor Cicimov <ic...@gmail.com>
>>> >> wrote:
>>> >>> You have DNS error. Also check if you can connect from the proxy to
>>> >>> the
>>> >>> backend on ssl port.
>>> >>
>>> >> proxy: DNS
>>> >> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>>> >>
>>> >> That looks more like a configuration problem... The path is
>>> >> unexpectedly concatenated with the host (okay, IP).
>>> >>
>>> >> Change
>>> >> ProxyPass / https://192.168.112.57
>>> >> to
>>> >> ProxyPass / https://192.168.112.57/
>>> >> (similar for ProxyPassReverse)
>>> >>>
>>> >>> On Feb 18, 2012 1:04 AM, "Andres Aguado" <an...@gmail.com> wrote:
>>> >>>>
>>> >>>> Hi again Igor, connecting to https://192.168.112.57 directly, a
>>> >>>> websphere app server (the backend app server for my case) admin page
>>> >>>> is shown
>>> >>>>
>>> >>>> The error log shows this files since startup
>>> >>>>
>>> >>>> The Apache2.2 service has restarted.
>>> >>>> arent: Received restart signal -- Restarting the server.
>>> >>>> [Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
>>> >>>> Child process is ending.
>>> >>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
>>> >>>> digest authentication ...
>>> >>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: done
>>> >>>> [Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start
>>> >>>> mutex
>>> >>>> [Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
>>> >>>> mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal
>>> >>>> operations
>>> >>>> [Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011
>>> >>>> 10:26:10
>>> >>>> [Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process
>>> >>>> 4308
>>> >>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
>>> >>>> digest authentication ...
>>> >>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: done
>>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is
>>> >>>> running
>>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start
>>> >>>> mutex.
>>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker
>>> >>>> threads.
>>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>>> >>>> listen on port 80.
>>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>>> >>>> listen on port 8443.
>>> >>>> [Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
>>> >>>> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>>> >>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads
>>> >>>> have
>>> >>>> exited.
>>> >>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is
>>> >>>> exiting
>>> >>>>
>>> >>>> About app logs, i've not seen it and i don't know what file to look
>>> >>>> for, so i'll ask app administrator server that sure will know it
>>> >>>>
>>> >>>> Thanks!
>>> >>>> andres
>>> >>>>
>>> >>>> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
>>> >>>> > What is in the error file dude not the access one? Since you are
>>> >>>> > proxying to
>>> >>>> > https://192.168.112.57 do you have ssl enabled on that server? What
>>> >>>> > do
>>> >>>> > you
>>> >>>> > see in its log file?
>>> >>>> >
>>> >>>> > Since you said http proxying works i suspect you don't have ssl
>>> >>>> > configured
>>> >>>> > on the backend 192.168.112.57.
>>> >>>> >
>>> >>>> >
>>> >>>> > On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado
>>> >>>> > <an...@gmail.com>
>>> >>>> > wrote:
>>> >>>> >>
>>> >>>> >> Sorry Tom, here is an important piece of httpd-ssl.conf
>>> >>>> >>
>>> >>>> >> SSLEngine on #Behind proxypass sentences
>>> >>>> >> SSLCertificateFile "C:\Program Files (x86)\Apache Software
>>> >>>> >> Foundation\Apache2.2\conf\ssl\server.crt"
>>> >>>> >> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
>>> >>>> >> Foundation\Apache2.2\conf\ssl\server.key"
>>> >>>> >>
>>> >>>> >> .crt and .key files has been created and are present in specified
>>> >>>> >> directory
>>> >>>> >>
>>> >>>> >> Actuallly, redirect to https is disabled, and i'm not connecting
>>> >>>> >> to
>>> >>>> >> http, i'm connecting to https://ipreverseproxy:8443 directly.
>>> >>>> >>
>>> >>>> >> Regards
>>> >>>> >> Andres
>>> >>>> >>
>>> >>>> >> 2012/2/17 Tom Evans <te...@googlemail.com>:
>>> >>>> >> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado
>>> >>>> >> > <an...@gmail.com>
>>> >>>> >> > wrote:
>>> >>>> >> >> Hi all, i'd like to expose my problem because i'm going crazy,
>>> >>>> >> >> and
>>> >>>> >> >> if
>>> >>>> >> >> anyone could help me it'll be very appreciated.
>>> >>>> >> >>
>>> >>>> >> >> Well, I've an apache 2.2 server over win2k8, and i want to
>>> >>>> >> >> configure
>>> >>>> >> >> it as reverse proxy to send request to backend Websphere server
>>> >>>> >> >>
>>> >>>> >> >> So, my httpd.conf file is written like this:
>>> >>>> >> >>
>>> >>>> >> >> NameVirtualHost *:80
>>> >>>> >> >> <VirtualHost *:80>
>>> >>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>>> >>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>>> >>>> >> >> ServerName www.my_example.es:80
>>> >>>> >> >> ServerRoot "C:\Program Files (x86)\Apache Software
>>> >>>> >> >> Foundation\Apache2.2"
>>> >>>> >> >> DirectoryIndex index.html
>>> >>>> >> >> Redirect / https://www.my_example.es:8443
>>> >>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>>> >>>> >> >> Foundation\Apache2.2\logs\error.log"
>>> >>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>>> >>>> >> >> Foundation\Apache2.2\logs\access.log"
>>> >>>> >> >>
>>> >>>> >> >> ProxyRequests Off
>>> >>>> >> >> </VirtualHost>
>>> >>>> >> >>
>>> >>>> >> >> And i've configured virtual host on 8443 in httpd-ssl.conf like
>>> >>>> >> >> this:
>>> >>>> >> >>
>>> >>>> >> >> <VirtualHost _default_:8443>
>>> >>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>>> >>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>>> >>>> >> >> DirectoryIndex index2.html
>>> >>>> >> >> ServerName www.my_example.es:8443
>>> >>>> >> >> ServerAdmin admin@my_example.es
>>> >>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>>> >>>> >> >> Foundation\Apache2.2\logs\error.log"
>>> >>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>>> >>>> >> >> Foundation\Apache2.2\logs\access.log"
>>> >>>> >> >>
>>> >>>> >> >> ProxyRequests Off
>>> >>>> >> >> ProxyPreserveHost On
>>> >>>> >> >> ProxyPass / https://192.168.112.57
>>> >>>> >> >> ProxyPassReverse / https://192.168.112.57
>>> >>>> >> >> </VirtualHost>
>>> >>>> >> >>
>>> >>>> >> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
>>> >>>> >> >> But this configuration is not working.
>>> >>>> >> >>
>>> >>>> >> >> If i comment both proxypass sentences and try, it connects to
>>> >>>> >> >> local
>>> >>>> >> >> index.html page, but if i enable proxypass sentences, it tries
>>> >>>> >> >> to
>>> >>>> >> >> connect, typical website certificate error (continue to this
>>> >>>> >> >> site)
>>> >>>> >> >> appears in iexplorer and internal server error page is
>>> >>>> >> >> displayed.
>>> >>>> >> >>
>>> >>>> >> >> Could anyone help me please?
>>> >>>> >> >>
>>> >>>> >> >> Thank you very much
>>> >>>> >> >> Andres
>>> >>>> >> >>
>>> >>>> >> >
>>> >>>> >> > Your port 80 vhost redirects users with protocol https to your
>>> >>>> >> > port
>>> >>>> >> > 8443
>>> >>>> >> > vhost.
>>> >>>> >> > Your port 8433 vhost is not configured for SSL.
>>> >>>> >> > Your browser attempts to talk SSL to a non SSL vhost.
>>> >>>> >> > Hilarity ensues.
>>> >>>> >> >
>>> >>>> >> > Cheers
>>> >>>> >> >
>>> >>>> >> > Tom
>>> >>>> >> >
>>> >>>> >> >
>>> >>>> >> > ---------------------------------------------------------------------
>>> >>>> >> > The official User-To-User support forum of the Apache HTTP
>>> >>>> >> > Server
>>> >>>> >> > Project.
>>> >>>> >> > See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> >>>> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> >>>> >> > " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> >>>> >> > For additional commands, e-mail: users-help@httpd.apache.org
>>> >>>> >> >
>>> >>>> >>
>>> >>>> >>
>>> >>>> >> ---------------------------------------------------------------------
>>> >>>> >> The official User-To-User support forum of the Apache HTTP Server
>>> >>>> >> Project.
>>> >>>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> >>>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> >>>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> >>>> >> For additional commands, e-mail: users-help@httpd.apache.org
>>> >>>> >>
>>> >>>> >
>>> >>>>
>>> >>>> ---------------------------------------------------------------------
>>> >>>> The official User-To-User support forum of the Apache HTTP Server
>>> >>>> Project.
>>> >>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> >>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> >>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> >>>> For additional commands, e-mail: users-help@httpd.apache.org
>>> >>>>
>>> >>>
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> Born in Roswell... married an alien...
>>> >>
>>> >> ---------------------------------------------------------------------
>>> >> The official User-To-User support forum of the Apache HTTP Server
>>> >> Project.
>>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> >> For additional commands, e-mail: users-help@httpd.apache.org
>>> >>
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Yes, into httpd-ssl.conf
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
#
Listen 8443
2012/2/20 Igor Cicimov <ic...@gmail.com>:
> Do you have
> Listen 8443
> at all in your config?
>
> On Feb 20, 2012 10:28 PM, "Andres Aguado" <an...@gmail.com> wrote:
>>
>> mmmmm, i've configured on other machine, other apache 2.2 as reverse
>> proxy and i've forwarded request to https://www.ingdirect.es, and the
>> error is the same
>>
>> This is a very strange cuestion but, do you know if these
>> configurations should work?, is it necessary to make any strange
>> configuration?
>>
>> Regards
>> Andres
>>
>> 2012/2/20 Andres Aguado <an...@gmail.com>:
>> > Hi again. Here we are again
>> >
>> > Sorry, but I don't understand that dns error, because i'm connecting
>> > to ip interface. I'm not connecting to dns name to simplify the issue.
>> > And i can connect from proxy to backend ok to https port. the problem
>> > seems to be when virtual host "proxypass" the request, because i can
>> > connect from another machine to https://192.168.112.57 too
>> >
>> > Jeff, I've changed proxypass and proxypassreverse sentences adding / a
>> > the end but it's not working.
>> >
>> > Arrrrrrrrrrrrrrrrrrgggggggggg, I can't believe this configuration is
>> > so difficult. It looked easy when i started it!
>> >
>> > 2012/2/17 Jeff Trawick <tr...@gmail.com>:
>> >> On Fri, Feb 17, 2012 at 10:28 AM, Igor Cicimov <ic...@gmail.com>
>> >> wrote:
>> >>> You have DNS error. Also check if you can connect from the proxy to
>> >>> the
>> >>> backend on ssl port.
>> >>
>> >> proxy: DNS
>> >> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>> >>
>> >> That looks more like a configuration problem... The path is
>> >> unexpectedly concatenated with the host (okay, IP).
>> >>
>> >> Change
>> >> ProxyPass / https://192.168.112.57
>> >> to
>> >> ProxyPass / https://192.168.112.57/
>> >> (similar for ProxyPassReverse)
>> >>>
>> >>> On Feb 18, 2012 1:04 AM, "Andres Aguado" <an...@gmail.com> wrote:
>> >>>>
>> >>>> Hi again Igor, connecting to https://192.168.112.57 directly, a
>> >>>> websphere app server (the backend app server for my case) admin page
>> >>>> is shown
>> >>>>
>> >>>> The error log shows this files since startup
>> >>>>
>> >>>> The Apache2.2 service has restarted.
>> >>>> arent: Received restart signal -- Restarting the server.
>> >>>> [Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
>> >>>> Child process is ending.
>> >>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
>> >>>> digest authentication ...
>> >>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: done
>> >>>> [Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start
>> >>>> mutex
>> >>>> [Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
>> >>>> mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal
>> >>>> operations
>> >>>> [Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011
>> >>>> 10:26:10
>> >>>> [Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process
>> >>>> 4308
>> >>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
>> >>>> digest authentication ...
>> >>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: done
>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is
>> >>>> running
>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start
>> >>>> mutex.
>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker
>> >>>> threads.
>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>> >>>> listen on port 80.
>> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>> >>>> listen on port 8443.
>> >>>> [Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
>> >>>> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>> >>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads
>> >>>> have
>> >>>> exited.
>> >>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is
>> >>>> exiting
>> >>>>
>> >>>> About app logs, i've not seen it and i don't know what file to look
>> >>>> for, so i'll ask app administrator server that sure will know it
>> >>>>
>> >>>> Thanks!
>> >>>> andres
>> >>>>
>> >>>> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
>> >>>> > What is in the error file dude not the access one? Since you are
>> >>>> > proxying to
>> >>>> > https://192.168.112.57 do you have ssl enabled on that server? What
>> >>>> > do
>> >>>> > you
>> >>>> > see in its log file?
>> >>>> >
>> >>>> > Since you said http proxying works i suspect you don't have ssl
>> >>>> > configured
>> >>>> > on the backend 192.168.112.57.
>> >>>> >
>> >>>> >
>> >>>> > On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado
>> >>>> > <an...@gmail.com>
>> >>>> > wrote:
>> >>>> >>
>> >>>> >> Sorry Tom, here is an important piece of httpd-ssl.conf
>> >>>> >>
>> >>>> >> SSLEngine on #Behind proxypass sentences
>> >>>> >> SSLCertificateFile "C:\Program Files (x86)\Apache Software
>> >>>> >> Foundation\Apache2.2\conf\ssl\server.crt"
>> >>>> >> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
>> >>>> >> Foundation\Apache2.2\conf\ssl\server.key"
>> >>>> >>
>> >>>> >> .crt and .key files has been created and are present in specified
>> >>>> >> directory
>> >>>> >>
>> >>>> >> Actuallly, redirect to https is disabled, and i'm not connecting
>> >>>> >> to
>> >>>> >> http, i'm connecting to https://ipreverseproxy:8443 directly.
>> >>>> >>
>> >>>> >> Regards
>> >>>> >> Andres
>> >>>> >>
>> >>>> >> 2012/2/17 Tom Evans <te...@googlemail.com>:
>> >>>> >> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado
>> >>>> >> > <an...@gmail.com>
>> >>>> >> > wrote:
>> >>>> >> >> Hi all, i'd like to expose my problem because i'm going crazy,
>> >>>> >> >> and
>> >>>> >> >> if
>> >>>> >> >> anyone could help me it'll be very appreciated.
>> >>>> >> >>
>> >>>> >> >> Well, I've an apache 2.2 server over win2k8, and i want to
>> >>>> >> >> configure
>> >>>> >> >> it as reverse proxy to send request to backend Websphere server
>> >>>> >> >>
>> >>>> >> >> So, my httpd.conf file is written like this:
>> >>>> >> >>
>> >>>> >> >> NameVirtualHost *:80
>> >>>> >> >> <VirtualHost *:80>
>> >>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>> >>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>> >>>> >> >> ServerName www.my_example.es:80
>> >>>> >> >> ServerRoot "C:\Program Files (x86)\Apache Software
>> >>>> >> >> Foundation\Apache2.2"
>> >>>> >> >> DirectoryIndex index.html
>> >>>> >> >> Redirect / https://www.my_example.es:8443
>> >>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>> >>>> >> >> Foundation\Apache2.2\logs\error.log"
>> >>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>> >>>> >> >> Foundation\Apache2.2\logs\access.log"
>> >>>> >> >>
>> >>>> >> >> ProxyRequests Off
>> >>>> >> >> </VirtualHost>
>> >>>> >> >>
>> >>>> >> >> And i've configured virtual host on 8443 in httpd-ssl.conf like
>> >>>> >> >> this:
>> >>>> >> >>
>> >>>> >> >> <VirtualHost _default_:8443>
>> >>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>> >>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>> >>>> >> >> DirectoryIndex index2.html
>> >>>> >> >> ServerName www.my_example.es:8443
>> >>>> >> >> ServerAdmin admin@my_example.es
>> >>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>> >>>> >> >> Foundation\Apache2.2\logs\error.log"
>> >>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>> >>>> >> >> Foundation\Apache2.2\logs\access.log"
>> >>>> >> >>
>> >>>> >> >> ProxyRequests Off
>> >>>> >> >> ProxyPreserveHost On
>> >>>> >> >> ProxyPass / https://192.168.112.57
>> >>>> >> >> ProxyPassReverse / https://192.168.112.57
>> >>>> >> >> </VirtualHost>
>> >>>> >> >>
>> >>>> >> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
>> >>>> >> >> But this configuration is not working.
>> >>>> >> >>
>> >>>> >> >> If i comment both proxypass sentences and try, it connects to
>> >>>> >> >> local
>> >>>> >> >> index.html page, but if i enable proxypass sentences, it tries
>> >>>> >> >> to
>> >>>> >> >> connect, typical website certificate error (continue to this
>> >>>> >> >> site)
>> >>>> >> >> appears in iexplorer and internal server error page is
>> >>>> >> >> displayed.
>> >>>> >> >>
>> >>>> >> >> Could anyone help me please?
>> >>>> >> >>
>> >>>> >> >> Thank you very much
>> >>>> >> >> Andres
>> >>>> >> >>
>> >>>> >> >
>> >>>> >> > Your port 80 vhost redirects users with protocol https to your
>> >>>> >> > port
>> >>>> >> > 8443
>> >>>> >> > vhost.
>> >>>> >> > Your port 8433 vhost is not configured for SSL.
>> >>>> >> > Your browser attempts to talk SSL to a non SSL vhost.
>> >>>> >> > Hilarity ensues.
>> >>>> >> >
>> >>>> >> > Cheers
>> >>>> >> >
>> >>>> >> > Tom
>> >>>> >> >
>> >>>> >> >
>> >>>> >> > ---------------------------------------------------------------------
>> >>>> >> > The official User-To-User support forum of the Apache HTTP
>> >>>> >> > Server
>> >>>> >> > Project.
>> >>>> >> > See <URL:http://httpd.apache.org/userslist.html> for more info.
>> >>>> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> >>>> >> > " from the digest: users-digest-unsubscribe@httpd.apache.org
>> >>>> >> > For additional commands, e-mail: users-help@httpd.apache.org
>> >>>> >> >
>> >>>> >>
>> >>>> >>
>> >>>> >> ---------------------------------------------------------------------
>> >>>> >> The official User-To-User support forum of the Apache HTTP Server
>> >>>> >> Project.
>> >>>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> >>>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> >>>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> >>>> >> For additional commands, e-mail: users-help@httpd.apache.org
>> >>>> >>
>> >>>> >
>> >>>>
>> >>>> ---------------------------------------------------------------------
>> >>>> The official User-To-User support forum of the Apache HTTP Server
>> >>>> Project.
>> >>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> >>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> >>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> >>>> For additional commands, e-mail: users-help@httpd.apache.org
>> >>>>
>> >>>
>> >>
>> >>
>> >>
>> >> --
>> >> Born in Roswell... married an alien...
>> >>
>> >> ---------------------------------------------------------------------
>> >> The official User-To-User support forum of the Apache HTTP Server
>> >> Project.
>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> >> For additional commands, e-mail: users-help@httpd.apache.org
>> >>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Igor Cicimov <ic...@gmail.com>.
Do you have
Listen 8443
at all in your config?
On Feb 20, 2012 10:28 PM, "Andres Aguado" <an...@gmail.com> wrote:
> mmmmm, i've configured on other machine, other apache 2.2 as reverse
> proxy and i've forwarded request to https://www.ingdirect.es, and the
> error is the same
>
> This is a very strange cuestion but, do you know if these
> configurations should work?, is it necessary to make any strange
> configuration?
>
> Regards
> Andres
>
> 2012/2/20 Andres Aguado <an...@gmail.com>:
> > Hi again. Here we are again
> >
> > Sorry, but I don't understand that dns error, because i'm connecting
> > to ip interface. I'm not connecting to dns name to simplify the issue.
> > And i can connect from proxy to backend ok to https port. the problem
> > seems to be when virtual host "proxypass" the request, because i can
> > connect from another machine to https://192.168.112.57 too
> >
> > Jeff, I've changed proxypass and proxypassreverse sentences adding / a
> > the end but it's not working.
> >
> > Arrrrrrrrrrrrrrrrrrgggggggggg, I can't believe this configuration is
> > so difficult. It looked easy when i started it!
> >
> > 2012/2/17 Jeff Trawick <tr...@gmail.com>:
> >> On Fri, Feb 17, 2012 at 10:28 AM, Igor Cicimov <ic...@gmail.com>
> wrote:
> >>> You have DNS error. Also check if you can connect from the proxy to the
> >>> backend on ssl port.
> >>
> >> proxy: DNS
> >> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
> >>
> >> That looks more like a configuration problem... The path is
> >> unexpectedly concatenated with the host (okay, IP).
> >>
> >> Change
> >> ProxyPass / https://192.168.112.57
> >> to
> >> ProxyPass / https://192.168.112.57/
> >> (similar for ProxyPassReverse)
> >>>
> >>> On Feb 18, 2012 1:04 AM, "Andres Aguado" <an...@gmail.com> wrote:
> >>>>
> >>>> Hi again Igor, connecting to https://192.168.112.57 directly, a
> >>>> websphere app server (the backend app server for my case) admin page
> >>>> is shown
> >>>>
> >>>> The error log shows this files since startup
> >>>>
> >>>> The Apache2.2 service has restarted.
> >>>> arent: Received restart signal -- Restarting the server.
> >>>> [Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
> >>>> Child process is ending.
> >>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
> >>>> digest authentication ...
> >>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: done
> >>>> [Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start
> mutex
> >>>> [Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
> >>>> mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal operations
> >>>> [Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011 10:26:10
> >>>> [Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process 4308
> >>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
> >>>> digest authentication ...
> >>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: done
> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is
> running
> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start
> mutex.
> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker
> >>>> threads.
> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
> >>>> listen on port 80.
> >>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
> >>>> listen on port 8443.
> >>>> [Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
> >>>> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
> >>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads
> have
> >>>> exited.
> >>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is
> exiting
> >>>>
> >>>> About app logs, i've not seen it and i don't know what file to look
> >>>> for, so i'll ask app administrator server that sure will know it
> >>>>
> >>>> Thanks!
> >>>> andres
> >>>>
> >>>> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
> >>>> > What is in the error file dude not the access one? Since you are
> >>>> > proxying to
> >>>> > https://192.168.112.57 do you have ssl enabled on that server?
> What do
> >>>> > you
> >>>> > see in its log file?
> >>>> >
> >>>> > Since you said http proxying works i suspect you don't have ssl
> >>>> > configured
> >>>> > on the backend 192.168.112.57.
> >>>> >
> >>>> >
> >>>> > On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado <
> andriu.one@gmail.com>
> >>>> > wrote:
> >>>> >>
> >>>> >> Sorry Tom, here is an important piece of httpd-ssl.conf
> >>>> >>
> >>>> >> SSLEngine on #Behind proxypass sentences
> >>>> >> SSLCertificateFile "C:\Program Files (x86)\Apache Software
> >>>> >> Foundation\Apache2.2\conf\ssl\server.crt"
> >>>> >> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
> >>>> >> Foundation\Apache2.2\conf\ssl\server.key"
> >>>> >>
> >>>> >> .crt and .key files has been created and are present in specified
> >>>> >> directory
> >>>> >>
> >>>> >> Actuallly, redirect to https is disabled, and i'm not connecting to
> >>>> >> http, i'm connecting to https://ipreverseproxy:8443 directly.
> >>>> >>
> >>>> >> Regards
> >>>> >> Andres
> >>>> >>
> >>>> >> 2012/2/17 Tom Evans <te...@googlemail.com>:
> >>>> >> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <
> andriu.one@gmail.com>
> >>>> >> > wrote:
> >>>> >> >> Hi all, i'd like to expose my problem because i'm going crazy,
> and
> >>>> >> >> if
> >>>> >> >> anyone could help me it'll be very appreciated.
> >>>> >> >>
> >>>> >> >> Well, I've an apache 2.2 server over win2k8, and i want to
> configure
> >>>> >> >> it as reverse proxy to send request to backend Websphere server
> >>>> >> >>
> >>>> >> >> So, my httpd.conf file is written like this:
> >>>> >> >>
> >>>> >> >> NameVirtualHost *:80
> >>>> >> >> <VirtualHost *:80>
> >>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
> >>>> >> >> Foundation\Apache2.2\htdocs\my_example"
> >>>> >> >> ServerName www.my_example.es:80
> >>>> >> >> ServerRoot "C:\Program Files (x86)\Apache Software
> >>>> >> >> Foundation\Apache2.2"
> >>>> >> >> DirectoryIndex index.html
> >>>> >> >> Redirect / https://www.my_example.es:8443
> >>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
> >>>> >> >> Foundation\Apache2.2\logs\error.log"
> >>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
> >>>> >> >> Foundation\Apache2.2\logs\access.log"
> >>>> >> >>
> >>>> >> >> ProxyRequests Off
> >>>> >> >> </VirtualHost>
> >>>> >> >>
> >>>> >> >> And i've configured virtual host on 8443 in httpd-ssl.conf like
> >>>> >> >> this:
> >>>> >> >>
> >>>> >> >> <VirtualHost _default_:8443>
> >>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
> >>>> >> >> Foundation\Apache2.2\htdocs\my_example"
> >>>> >> >> DirectoryIndex index2.html
> >>>> >> >> ServerName www.my_example.es:8443
> >>>> >> >> ServerAdmin admin@my_example.es
> >>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
> >>>> >> >> Foundation\Apache2.2\logs\error.log"
> >>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
> >>>> >> >> Foundation\Apache2.2\logs\access.log"
> >>>> >> >>
> >>>> >> >> ProxyRequests Off
> >>>> >> >> ProxyPreserveHost On
> >>>> >> >> ProxyPass / https://192.168.112.57
> >>>> >> >> ProxyPassReverse / https://192.168.112.57
> >>>> >> >> </VirtualHost>
> >>>> >> >>
> >>>> >> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
> >>>> >> >> But this configuration is not working.
> >>>> >> >>
> >>>> >> >> If i comment both proxypass sentences and try, it connects to
> local
> >>>> >> >> index.html page, but if i enable proxypass sentences, it tries
> to
> >>>> >> >> connect, typical website certificate error (continue to this
> site)
> >>>> >> >> appears in iexplorer and internal server error page is
> displayed.
> >>>> >> >>
> >>>> >> >> Could anyone help me please?
> >>>> >> >>
> >>>> >> >> Thank you very much
> >>>> >> >> Andres
> >>>> >> >>
> >>>> >> >
> >>>> >> > Your port 80 vhost redirects users with protocol https to your
> port
> >>>> >> > 8443
> >>>> >> > vhost.
> >>>> >> > Your port 8433 vhost is not configured for SSL.
> >>>> >> > Your browser attempts to talk SSL to a non SSL vhost.
> >>>> >> > Hilarity ensues.
> >>>> >> >
> >>>> >> > Cheers
> >>>> >> >
> >>>> >> > Tom
> >>>> >> >
> >>>> >> >
> ---------------------------------------------------------------------
> >>>> >> > The official User-To-User support forum of the Apache HTTP Server
> >>>> >> > Project.
> >>>> >> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> >>>> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>> >> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>> >> > For additional commands, e-mail: users-help@httpd.apache.org
> >>>> >> >
> >>>> >>
> >>>> >>
> ---------------------------------------------------------------------
> >>>> >> The official User-To-User support forum of the Apache HTTP Server
> >>>> >> Project.
> >>>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >>>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>> >> For additional commands, e-mail: users-help@httpd.apache.org
> >>>> >>
> >>>> >
> >>>>
> >>>> ---------------------------------------------------------------------
> >>>> The official User-To-User support forum of the Apache HTTP Server
> Project.
> >>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>> For additional commands, e-mail: users-help@httpd.apache.org
> >>>>
> >>>
> >>
> >>
> >>
> >> --
> >> Born in Roswell... married an alien...
> >>
> >> ---------------------------------------------------------------------
> >> The official User-To-User support forum of the Apache HTTP Server
> Project.
> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >> For additional commands, e-mail: users-help@httpd.apache.org
> >>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
mmmmm, i've configured on other machine, other apache 2.2 as reverse
proxy and i've forwarded request to https://www.ingdirect.es, and the
error is the same
This is a very strange cuestion but, do you know if these
configurations should work?, is it necessary to make any strange
configuration?
Regards
Andres
2012/2/20 Andres Aguado <an...@gmail.com>:
> Hi again. Here we are again
>
> Sorry, but I don't understand that dns error, because i'm connecting
> to ip interface. I'm not connecting to dns name to simplify the issue.
> And i can connect from proxy to backend ok to https port. the problem
> seems to be when virtual host "proxypass" the request, because i can
> connect from another machine to https://192.168.112.57 too
>
> Jeff, I've changed proxypass and proxypassreverse sentences adding / a
> the end but it's not working.
>
> Arrrrrrrrrrrrrrrrrrgggggggggg, I can't believe this configuration is
> so difficult. It looked easy when i started it!
>
> 2012/2/17 Jeff Trawick <tr...@gmail.com>:
>> On Fri, Feb 17, 2012 at 10:28 AM, Igor Cicimov <ic...@gmail.com> wrote:
>>> You have DNS error. Also check if you can connect from the proxy to the
>>> backend on ssl port.
>>
>> proxy: DNS
>> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>>
>> That looks more like a configuration problem... The path is
>> unexpectedly concatenated with the host (okay, IP).
>>
>> Change
>> ProxyPass / https://192.168.112.57
>> to
>> ProxyPass / https://192.168.112.57/
>> (similar for ProxyPassReverse)
>>>
>>> On Feb 18, 2012 1:04 AM, "Andres Aguado" <an...@gmail.com> wrote:
>>>>
>>>> Hi again Igor, connecting to https://192.168.112.57 directly, a
>>>> websphere app server (the backend app server for my case) admin page
>>>> is shown
>>>>
>>>> The error log shows this files since startup
>>>>
>>>> The Apache2.2 service has restarted.
>>>> arent: Received restart signal -- Restarting the server.
>>>> [Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
>>>> Child process is ending.
>>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
>>>> digest authentication ...
>>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: done
>>>> [Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start mutex
>>>> [Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
>>>> mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal operations
>>>> [Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011 10:26:10
>>>> [Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process 4308
>>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
>>>> digest authentication ...
>>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: done
>>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is running
>>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start mutex.
>>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker
>>>> threads.
>>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>>>> listen on port 80.
>>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>>>> listen on port 8443.
>>>> [Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
>>>> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads have
>>>> exited.
>>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is exiting
>>>>
>>>> About app logs, i've not seen it and i don't know what file to look
>>>> for, so i'll ask app administrator server that sure will know it
>>>>
>>>> Thanks!
>>>> andres
>>>>
>>>> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
>>>> > What is in the error file dude not the access one? Since you are
>>>> > proxying to
>>>> > https://192.168.112.57 do you have ssl enabled on that server? What do
>>>> > you
>>>> > see in its log file?
>>>> >
>>>> > Since you said http proxying works i suspect you don't have ssl
>>>> > configured
>>>> > on the backend 192.168.112.57.
>>>> >
>>>> >
>>>> > On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado <an...@gmail.com>
>>>> > wrote:
>>>> >>
>>>> >> Sorry Tom, here is an important piece of httpd-ssl.conf
>>>> >>
>>>> >> SSLEngine on #Behind proxypass sentences
>>>> >> SSLCertificateFile "C:\Program Files (x86)\Apache Software
>>>> >> Foundation\Apache2.2\conf\ssl\server.crt"
>>>> >> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
>>>> >> Foundation\Apache2.2\conf\ssl\server.key"
>>>> >>
>>>> >> .crt and .key files has been created and are present in specified
>>>> >> directory
>>>> >>
>>>> >> Actuallly, redirect to https is disabled, and i'm not connecting to
>>>> >> http, i'm connecting to https://ipreverseproxy:8443 directly.
>>>> >>
>>>> >> Regards
>>>> >> Andres
>>>> >>
>>>> >> 2012/2/17 Tom Evans <te...@googlemail.com>:
>>>> >> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com>
>>>> >> > wrote:
>>>> >> >> Hi all, i'd like to expose my problem because i'm going crazy, and
>>>> >> >> if
>>>> >> >> anyone could help me it'll be very appreciated.
>>>> >> >>
>>>> >> >> Well, I've an apache 2.2 server over win2k8, and i want to configure
>>>> >> >> it as reverse proxy to send request to backend Websphere server
>>>> >> >>
>>>> >> >> So, my httpd.conf file is written like this:
>>>> >> >>
>>>> >> >> NameVirtualHost *:80
>>>> >> >> <VirtualHost *:80>
>>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>>>> >> >> ServerName www.my_example.es:80
>>>> >> >> ServerRoot "C:\Program Files (x86)\Apache Software
>>>> >> >> Foundation\Apache2.2"
>>>> >> >> DirectoryIndex index.html
>>>> >> >> Redirect / https://www.my_example.es:8443
>>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>>>> >> >> Foundation\Apache2.2\logs\error.log"
>>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>>>> >> >> Foundation\Apache2.2\logs\access.log"
>>>> >> >>
>>>> >> >> ProxyRequests Off
>>>> >> >> </VirtualHost>
>>>> >> >>
>>>> >> >> And i've configured virtual host on 8443 in httpd-ssl.conf like
>>>> >> >> this:
>>>> >> >>
>>>> >> >> <VirtualHost _default_:8443>
>>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>>>> >> >> DirectoryIndex index2.html
>>>> >> >> ServerName www.my_example.es:8443
>>>> >> >> ServerAdmin admin@my_example.es
>>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>>>> >> >> Foundation\Apache2.2\logs\error.log"
>>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>>>> >> >> Foundation\Apache2.2\logs\access.log"
>>>> >> >>
>>>> >> >> ProxyRequests Off
>>>> >> >> ProxyPreserveHost On
>>>> >> >> ProxyPass / https://192.168.112.57
>>>> >> >> ProxyPassReverse / https://192.168.112.57
>>>> >> >> </VirtualHost>
>>>> >> >>
>>>> >> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
>>>> >> >> But this configuration is not working.
>>>> >> >>
>>>> >> >> If i comment both proxypass sentences and try, it connects to local
>>>> >> >> index.html page, but if i enable proxypass sentences, it tries to
>>>> >> >> connect, typical website certificate error (continue to this site)
>>>> >> >> appears in iexplorer and internal server error page is displayed.
>>>> >> >>
>>>> >> >> Could anyone help me please?
>>>> >> >>
>>>> >> >> Thank you very much
>>>> >> >> Andres
>>>> >> >>
>>>> >> >
>>>> >> > Your port 80 vhost redirects users with protocol https to your port
>>>> >> > 8443
>>>> >> > vhost.
>>>> >> > Your port 8433 vhost is not configured for SSL.
>>>> >> > Your browser attempts to talk SSL to a non SSL vhost.
>>>> >> > Hilarity ensues.
>>>> >> >
>>>> >> > Cheers
>>>> >> >
>>>> >> > Tom
>>>> >> >
>>>> >> > ---------------------------------------------------------------------
>>>> >> > The official User-To-User support forum of the Apache HTTP Server
>>>> >> > Project.
>>>> >> > See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> >> > " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> >> > For additional commands, e-mail: users-help@httpd.apache.org
>>>> >> >
>>>> >>
>>>> >> ---------------------------------------------------------------------
>>>> >> The official User-To-User support forum of the Apache HTTP Server
>>>> >> Project.
>>>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> >> For additional commands, e-mail: users-help@httpd.apache.org
>>>> >>
>>>> >
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>
>>
>>
>>
>> --
>> Born in Roswell... married an alien...
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Hi again. Here we are again
Sorry, but I don't understand that dns error, because i'm connecting
to ip interface. I'm not connecting to dns name to simplify the issue.
And i can connect from proxy to backend ok to https port. the problem
seems to be when virtual host "proxypass" the request, because i can
connect from another machine to https://192.168.112.57 too
Jeff, I've changed proxypass and proxypassreverse sentences adding / a
the end but it's not working.
Arrrrrrrrrrrrrrrrrrgggggggggg, I can't believe this configuration is
so difficult. It looked easy when i started it!
2012/2/17 Jeff Trawick <tr...@gmail.com>:
> On Fri, Feb 17, 2012 at 10:28 AM, Igor Cicimov <ic...@gmail.com> wrote:
>> You have DNS error. Also check if you can connect from the proxy to the
>> backend on ssl port.
>
> proxy: DNS
> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>
> That looks more like a configuration problem... The path is
> unexpectedly concatenated with the host (okay, IP).
>
> Change
> ProxyPass / https://192.168.112.57
> to
> ProxyPass / https://192.168.112.57/
> (similar for ProxyPassReverse)
>>
>> On Feb 18, 2012 1:04 AM, "Andres Aguado" <an...@gmail.com> wrote:
>>>
>>> Hi again Igor, connecting to https://192.168.112.57 directly, a
>>> websphere app server (the backend app server for my case) admin page
>>> is shown
>>>
>>> The error log shows this files since startup
>>>
>>> The Apache2.2 service has restarted.
>>> arent: Received restart signal -- Restarting the server.
>>> [Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
>>> Child process is ending.
>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
>>> digest authentication ...
>>> [Fri Feb 17 14:14:15 2012] [notice] Digest: done
>>> [Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start mutex
>>> [Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
>>> mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal operations
>>> [Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011 10:26:10
>>> [Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process 4308
>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
>>> digest authentication ...
>>> [Fri Feb 17 14:14:18 2012] [notice] Digest: done
>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is running
>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start mutex.
>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker
>>> threads.
>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>>> listen on port 80.
>>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>>> listen on port 8443.
>>> [Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
>>> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads have
>>> exited.
>>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is exiting
>>>
>>> About app logs, i've not seen it and i don't know what file to look
>>> for, so i'll ask app administrator server that sure will know it
>>>
>>> Thanks!
>>> andres
>>>
>>> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
>>> > What is in the error file dude not the access one? Since you are
>>> > proxying to
>>> > https://192.168.112.57 do you have ssl enabled on that server? What do
>>> > you
>>> > see in its log file?
>>> >
>>> > Since you said http proxying works i suspect you don't have ssl
>>> > configured
>>> > on the backend 192.168.112.57.
>>> >
>>> >
>>> > On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado <an...@gmail.com>
>>> > wrote:
>>> >>
>>> >> Sorry Tom, here is an important piece of httpd-ssl.conf
>>> >>
>>> >> SSLEngine on #Behind proxypass sentences
>>> >> SSLCertificateFile "C:\Program Files (x86)\Apache Software
>>> >> Foundation\Apache2.2\conf\ssl\server.crt"
>>> >> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
>>> >> Foundation\Apache2.2\conf\ssl\server.key"
>>> >>
>>> >> .crt and .key files has been created and are present in specified
>>> >> directory
>>> >>
>>> >> Actuallly, redirect to https is disabled, and i'm not connecting to
>>> >> http, i'm connecting to https://ipreverseproxy:8443 directly.
>>> >>
>>> >> Regards
>>> >> Andres
>>> >>
>>> >> 2012/2/17 Tom Evans <te...@googlemail.com>:
>>> >> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com>
>>> >> > wrote:
>>> >> >> Hi all, i'd like to expose my problem because i'm going crazy, and
>>> >> >> if
>>> >> >> anyone could help me it'll be very appreciated.
>>> >> >>
>>> >> >> Well, I've an apache 2.2 server over win2k8, and i want to configure
>>> >> >> it as reverse proxy to send request to backend Websphere server
>>> >> >>
>>> >> >> So, my httpd.conf file is written like this:
>>> >> >>
>>> >> >> NameVirtualHost *:80
>>> >> >> <VirtualHost *:80>
>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>>> >> >> ServerName www.my_example.es:80
>>> >> >> ServerRoot "C:\Program Files (x86)\Apache Software
>>> >> >> Foundation\Apache2.2"
>>> >> >> DirectoryIndex index.html
>>> >> >> Redirect / https://www.my_example.es:8443
>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>>> >> >> Foundation\Apache2.2\logs\error.log"
>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>>> >> >> Foundation\Apache2.2\logs\access.log"
>>> >> >>
>>> >> >> ProxyRequests Off
>>> >> >> </VirtualHost>
>>> >> >>
>>> >> >> And i've configured virtual host on 8443 in httpd-ssl.conf like
>>> >> >> this:
>>> >> >>
>>> >> >> <VirtualHost _default_:8443>
>>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>>> >> >> Foundation\Apache2.2\htdocs\my_example"
>>> >> >> DirectoryIndex index2.html
>>> >> >> ServerName www.my_example.es:8443
>>> >> >> ServerAdmin admin@my_example.es
>>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>>> >> >> Foundation\Apache2.2\logs\error.log"
>>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>>> >> >> Foundation\Apache2.2\logs\access.log"
>>> >> >>
>>> >> >> ProxyRequests Off
>>> >> >> ProxyPreserveHost On
>>> >> >> ProxyPass / https://192.168.112.57
>>> >> >> ProxyPassReverse / https://192.168.112.57
>>> >> >> </VirtualHost>
>>> >> >>
>>> >> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
>>> >> >> But this configuration is not working.
>>> >> >>
>>> >> >> If i comment both proxypass sentences and try, it connects to local
>>> >> >> index.html page, but if i enable proxypass sentences, it tries to
>>> >> >> connect, typical website certificate error (continue to this site)
>>> >> >> appears in iexplorer and internal server error page is displayed.
>>> >> >>
>>> >> >> Could anyone help me please?
>>> >> >>
>>> >> >> Thank you very much
>>> >> >> Andres
>>> >> >>
>>> >> >
>>> >> > Your port 80 vhost redirects users with protocol https to your port
>>> >> > 8443
>>> >> > vhost.
>>> >> > Your port 8433 vhost is not configured for SSL.
>>> >> > Your browser attempts to talk SSL to a non SSL vhost.
>>> >> > Hilarity ensues.
>>> >> >
>>> >> > Cheers
>>> >> >
>>> >> > Tom
>>> >> >
>>> >> > ---------------------------------------------------------------------
>>> >> > The official User-To-User support forum of the Apache HTTP Server
>>> >> > Project.
>>> >> > See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> >> > " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> >> > For additional commands, e-mail: users-help@httpd.apache.org
>>> >> >
>>> >>
>>> >> ---------------------------------------------------------------------
>>> >> The official User-To-User support forum of the Apache HTTP Server
>>> >> Project.
>>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> >> For additional commands, e-mail: users-help@httpd.apache.org
>>> >>
>>> >
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>
>
>
> --
> Born in Roswell... married an alien...
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Jeff Trawick <tr...@gmail.com>.
On Fri, Feb 17, 2012 at 10:28 AM, Igor Cicimov <ic...@gmail.com> wrote:
> You have DNS error. Also check if you can connect from the proxy to the
> backend on ssl port.
proxy: DNS
lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
That looks more like a configuration problem... The path is
unexpectedly concatenated with the host (okay, IP).
Change
ProxyPass / https://192.168.112.57
to
ProxyPass / https://192.168.112.57/
(similar for ProxyPassReverse)
>
> On Feb 18, 2012 1:04 AM, "Andres Aguado" <an...@gmail.com> wrote:
>>
>> Hi again Igor, connecting to https://192.168.112.57 directly, a
>> websphere app server (the backend app server for my case) admin page
>> is shown
>>
>> The error log shows this files since startup
>>
>> The Apache2.2 service has restarted.
>> arent: Received restart signal -- Restarting the server.
>> [Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
>> Child process is ending.
>> [Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
>> digest authentication ...
>> [Fri Feb 17 14:14:15 2012] [notice] Digest: done
>> [Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start mutex
>> [Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
>> mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal operations
>> [Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011 10:26:10
>> [Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process 4308
>> [Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
>> digest authentication ...
>> [Fri Feb 17 14:14:18 2012] [notice] Digest: done
>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is running
>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start mutex.
>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker
>> threads.
>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>> listen on port 80.
>> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
>> listen on port 8443.
>> [Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
>> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads have
>> exited.
>> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is exiting
>>
>> About app logs, i've not seen it and i don't know what file to look
>> for, so i'll ask app administrator server that sure will know it
>>
>> Thanks!
>> andres
>>
>> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
>> > What is in the error file dude not the access one? Since you are
>> > proxying to
>> > https://192.168.112.57 do you have ssl enabled on that server? What do
>> > you
>> > see in its log file?
>> >
>> > Since you said http proxying works i suspect you don't have ssl
>> > configured
>> > on the backend 192.168.112.57.
>> >
>> >
>> > On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado <an...@gmail.com>
>> > wrote:
>> >>
>> >> Sorry Tom, here is an important piece of httpd-ssl.conf
>> >>
>> >> SSLEngine on #Behind proxypass sentences
>> >> SSLCertificateFile "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\conf\ssl\server.crt"
>> >> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\conf\ssl\server.key"
>> >>
>> >> .crt and .key files has been created and are present in specified
>> >> directory
>> >>
>> >> Actuallly, redirect to https is disabled, and i'm not connecting to
>> >> http, i'm connecting to https://ipreverseproxy:8443 directly.
>> >>
>> >> Regards
>> >> Andres
>> >>
>> >> 2012/2/17 Tom Evans <te...@googlemail.com>:
>> >> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com>
>> >> > wrote:
>> >> >> Hi all, i'd like to expose my problem because i'm going crazy, and
>> >> >> if
>> >> >> anyone could help me it'll be very appreciated.
>> >> >>
>> >> >> Well, I've an apache 2.2 server over win2k8, and i want to configure
>> >> >> it as reverse proxy to send request to backend Websphere server
>> >> >>
>> >> >> So, my httpd.conf file is written like this:
>> >> >>
>> >> >> NameVirtualHost *:80
>> >> >> <VirtualHost *:80>
>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>> >> >> Foundation\Apache2.2\htdocs\my_example"
>> >> >> ServerName www.my_example.es:80
>> >> >> ServerRoot "C:\Program Files (x86)\Apache Software
>> >> >> Foundation\Apache2.2"
>> >> >> DirectoryIndex index.html
>> >> >> Redirect / https://www.my_example.es:8443
>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>> >> >> Foundation\Apache2.2\logs\error.log"
>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>> >> >> Foundation\Apache2.2\logs\access.log"
>> >> >>
>> >> >> ProxyRequests Off
>> >> >> </VirtualHost>
>> >> >>
>> >> >> And i've configured virtual host on 8443 in httpd-ssl.conf like
>> >> >> this:
>> >> >>
>> >> >> <VirtualHost _default_:8443>
>> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>> >> >> Foundation\Apache2.2\htdocs\my_example"
>> >> >> DirectoryIndex index2.html
>> >> >> ServerName www.my_example.es:8443
>> >> >> ServerAdmin admin@my_example.es
>> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
>> >> >> Foundation\Apache2.2\logs\error.log"
>> >> >> TransferLog "C:\Program Files (x86)\Apache Software
>> >> >> Foundation\Apache2.2\logs\access.log"
>> >> >>
>> >> >> ProxyRequests Off
>> >> >> ProxyPreserveHost On
>> >> >> ProxyPass / https://192.168.112.57
>> >> >> ProxyPassReverse / https://192.168.112.57
>> >> >> </VirtualHost>
>> >> >>
>> >> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
>> >> >> But this configuration is not working.
>> >> >>
>> >> >> If i comment both proxypass sentences and try, it connects to local
>> >> >> index.html page, but if i enable proxypass sentences, it tries to
>> >> >> connect, typical website certificate error (continue to this site)
>> >> >> appears in iexplorer and internal server error page is displayed.
>> >> >>
>> >> >> Could anyone help me please?
>> >> >>
>> >> >> Thank you very much
>> >> >> Andres
>> >> >>
>> >> >
>> >> > Your port 80 vhost redirects users with protocol https to your port
>> >> > 8443
>> >> > vhost.
>> >> > Your port 8433 vhost is not configured for SSL.
>> >> > Your browser attempts to talk SSL to a non SSL vhost.
>> >> > Hilarity ensues.
>> >> >
>> >> > Cheers
>> >> >
>> >> > Tom
>> >> >
>> >> > ---------------------------------------------------------------------
>> >> > The official User-To-User support forum of the Apache HTTP Server
>> >> > Project.
>> >> > See <URL:http://httpd.apache.org/userslist.html> for more info.
>> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> >> > " from the digest: users-digest-unsubscribe@httpd.apache.org
>> >> > For additional commands, e-mail: users-help@httpd.apache.org
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> The official User-To-User support forum of the Apache HTTP Server
>> >> Project.
>> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> >> For additional commands, e-mail: users-help@httpd.apache.org
>> >>
>> >
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
--
Born in Roswell... married an alien...
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Igor Cicimov <ic...@gmail.com>.
You have DNS error. Also check if you can connect from the proxy to the
backend on ssl port.
On Feb 18, 2012 1:04 AM, "Andres Aguado" <an...@gmail.com> wrote:
> Hi again Igor, connecting to https://192.168.112.57 directly, a
> websphere app server (the backend app server for my case) admin page
> is shown
>
> The error log shows this files since startup
>
> The Apache2.2 service has restarted.
> arent: Received restart signal -- Restarting the server.
> [Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
> Child process is ending.
> [Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
> digest authentication ...
> [Fri Feb 17 14:14:15 2012] [notice] Digest: done
> [Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start mutex
> [Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
> mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal operations
> [Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011 10:26:10
> [Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process 4308
> [Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
> digest authentication ...
> [Fri Feb 17 14:14:18 2012] [notice] Digest: done
> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is running
> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start mutex.
> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker threads.
> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
> listen on port 80.
> [Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
> listen on port 8443.
> [Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
> lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads have
> exited.
> [Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is exiting
>
> About app logs, i've not seen it and i don't know what file to look
> for, so i'll ask app administrator server that sure will know it
>
> Thanks!
> andres
>
> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
> > What is in the error file dude not the access one? Since you are
> proxying to
> > https://192.168.112.57 do you have ssl enabled on that server? What do
> you
> > see in its log file?
> >
> > Since you said http proxying works i suspect you don't have ssl
> configured
> > on the backend 192.168.112.57.
> >
> >
> > On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado <an...@gmail.com>
> wrote:
> >>
> >> Sorry Tom, here is an important piece of httpd-ssl.conf
> >>
> >> SSLEngine on #Behind proxypass sentences
> >> SSLCertificateFile "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\conf\ssl\server.crt"
> >> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\conf\ssl\server.key"
> >>
> >> .crt and .key files has been created and are present in specified
> >> directory
> >>
> >> Actuallly, redirect to https is disabled, and i'm not connecting to
> >> http, i'm connecting to https://ipreverseproxy:8443 directly.
> >>
> >> Regards
> >> Andres
> >>
> >> 2012/2/17 Tom Evans <te...@googlemail.com>:
> >> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com>
> >> > wrote:
> >> >> Hi all, i'd like to expose my problem because i'm going crazy, and if
> >> >> anyone could help me it'll be very appreciated.
> >> >>
> >> >> Well, I've an apache 2.2 server over win2k8, and i want to configure
> >> >> it as reverse proxy to send request to backend Websphere server
> >> >>
> >> >> So, my httpd.conf file is written like this:
> >> >>
> >> >> NameVirtualHost *:80
> >> >> <VirtualHost *:80>
> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
> >> >> Foundation\Apache2.2\htdocs\my_example"
> >> >> ServerName www.my_example.es:80
> >> >> ServerRoot "C:\Program Files (x86)\Apache Software
> >> >> Foundation\Apache2.2"
> >> >> DirectoryIndex index.html
> >> >> Redirect / https://www.my_example.es:8443
> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
> >> >> Foundation\Apache2.2\logs\error.log"
> >> >> TransferLog "C:\Program Files (x86)\Apache Software
> >> >> Foundation\Apache2.2\logs\access.log"
> >> >>
> >> >> ProxyRequests Off
> >> >> </VirtualHost>
> >> >>
> >> >> And i've configured virtual host on 8443 in httpd-ssl.conf like this:
> >> >>
> >> >> <VirtualHost _default_:8443>
> >> >> DocumentRoot "C:\Program Files (x86)\Apache Software
> >> >> Foundation\Apache2.2\htdocs\my_example"
> >> >> DirectoryIndex index2.html
> >> >> ServerName www.my_example.es:8443
> >> >> ServerAdmin admin@my_example.es
> >> >> ErrorLog "C:\Program Files (x86)\Apache Software
> >> >> Foundation\Apache2.2\logs\error.log"
> >> >> TransferLog "C:\Program Files (x86)\Apache Software
> >> >> Foundation\Apache2.2\logs\access.log"
> >> >>
> >> >> ProxyRequests Off
> >> >> ProxyPreserveHost On
> >> >> ProxyPass / https://192.168.112.57
> >> >> ProxyPassReverse / https://192.168.112.57
> >> >> </VirtualHost>
> >> >>
> >> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
> >> >> But this configuration is not working.
> >> >>
> >> >> If i comment both proxypass sentences and try, it connects to local
> >> >> index.html page, but if i enable proxypass sentences, it tries to
> >> >> connect, typical website certificate error (continue to this site)
> >> >> appears in iexplorer and internal server error page is displayed.
> >> >>
> >> >> Could anyone help me please?
> >> >>
> >> >> Thank you very much
> >> >> Andres
> >> >>
> >> >
> >> > Your port 80 vhost redirects users with protocol https to your port
> 8443
> >> > vhost.
> >> > Your port 8433 vhost is not configured for SSL.
> >> > Your browser attempts to talk SSL to a non SSL vhost.
> >> > Hilarity ensues.
> >> >
> >> > Cheers
> >> >
> >> > Tom
> >> >
> >> > ---------------------------------------------------------------------
> >> > The official User-To-User support forum of the Apache HTTP Server
> >> > Project.
> >> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> >> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> >> > For additional commands, e-mail: users-help@httpd.apache.org
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> The official User-To-User support forum of the Apache HTTP Server
> Project.
> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >> For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Hi again Igor, connecting to https://192.168.112.57 directly, a
websphere app server (the backend app server for my case) admin page
is shown
The error log shows this files since startup
The Apache2.2 service has restarted.
arent: Received restart signal -- Restarting the server.
[Fri Feb 17 14:14:15 2012] [notice] Child 6132: Exit event signaled.
Child process is ending.
[Fri Feb 17 14:14:15 2012] [notice] Digest: generating secret for
digest authentication ...
[Fri Feb 17 14:14:15 2012] [notice] Digest: done
[Fri Feb 17 14:14:16 2012] [notice] Child 6132: Released the start mutex
[Fri Feb 17 14:14:17 2012] [notice] Apache/2.2.21 (Win32) DAV/2
mod_ssl/2.2.21 OpenSSL/0.9.8r configured -- resuming normal operations
[Fri Feb 17 14:14:17 2012] [notice] Server built: Sep 9 2011 10:26:10
[Fri Feb 17 14:14:17 2012] [notice] Parent: Created child process 4308
[Fri Feb 17 14:14:18 2012] [notice] Digest: generating secret for
digest authentication ...
[Fri Feb 17 14:14:18 2012] [notice] Digest: done
[Fri Feb 17 14:14:19 2012] [notice] Child 4308: Child process is running
[Fri Feb 17 14:14:19 2012] [notice] Child 4308: Acquired the start mutex.
[Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting 64 worker threads.
[Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
listen on port 80.
[Fri Feb 17 14:14:19 2012] [notice] Child 4308: Starting thread to
listen on port 8443.
[Fri Feb 17 14:14:22 2012] [error] [client 127.0.0.1] proxy: DNS
lookup failure for: 192.168.112.57spipe returned by /spipe/pkg
[Fri Feb 17 14:14:22 2012] [notice] Child 6132: All worker threads have exited.
[Fri Feb 17 14:14:22 2012] [notice] Child 6132: Child process is exiting
About app logs, i've not seen it and i don't know what file to look
for, so i'll ask app administrator server that sure will know it
Thanks!
andres
2012/2/17 Igor Cicimov <ic...@gmail.com>:
> What is in the error file dude not the access one? Since you are proxying to
> https://192.168.112.57 do you have ssl enabled on that server? What do you
> see in its log file?
>
> Since you said http proxying works i suspect you don't have ssl configured
> on the backend 192.168.112.57.
>
>
> On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado <an...@gmail.com> wrote:
>>
>> Sorry Tom, here is an important piece of httpd-ssl.conf
>>
>> SSLEngine on #Behind proxypass sentences
>> SSLCertificateFile "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\conf\ssl\server.crt"
>> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\conf\ssl\server.key"
>>
>> .crt and .key files has been created and are present in specified
>> directory
>>
>> Actuallly, redirect to https is disabled, and i'm not connecting to
>> http, i'm connecting to https://ipreverseproxy:8443 directly.
>>
>> Regards
>> Andres
>>
>> 2012/2/17 Tom Evans <te...@googlemail.com>:
>> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com>
>> > wrote:
>> >> Hi all, i'd like to expose my problem because i'm going crazy, and if
>> >> anyone could help me it'll be very appreciated.
>> >>
>> >> Well, I've an apache 2.2 server over win2k8, and i want to configure
>> >> it as reverse proxy to send request to backend Websphere server
>> >>
>> >> So, my httpd.conf file is written like this:
>> >>
>> >> NameVirtualHost *:80
>> >> <VirtualHost *:80>
>> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\htdocs\my_example"
>> >> ServerName www.my_example.es:80
>> >> ServerRoot "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2"
>> >> DirectoryIndex index.html
>> >> Redirect / https://www.my_example.es:8443
>> >> ErrorLog "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\logs\error.log"
>> >> TransferLog "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\logs\access.log"
>> >>
>> >> ProxyRequests Off
>> >> </VirtualHost>
>> >>
>> >> And i've configured virtual host on 8443 in httpd-ssl.conf like this:
>> >>
>> >> <VirtualHost _default_:8443>
>> >> DocumentRoot "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\htdocs\my_example"
>> >> DirectoryIndex index2.html
>> >> ServerName www.my_example.es:8443
>> >> ServerAdmin admin@my_example.es
>> >> ErrorLog "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\logs\error.log"
>> >> TransferLog "C:\Program Files (x86)\Apache Software
>> >> Foundation\Apache2.2\logs\access.log"
>> >>
>> >> ProxyRequests Off
>> >> ProxyPreserveHost On
>> >> ProxyPass / https://192.168.112.57
>> >> ProxyPassReverse / https://192.168.112.57
>> >> </VirtualHost>
>> >>
>> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
>> >> But this configuration is not working.
>> >>
>> >> If i comment both proxypass sentences and try, it connects to local
>> >> index.html page, but if i enable proxypass sentences, it tries to
>> >> connect, typical website certificate error (continue to this site)
>> >> appears in iexplorer and internal server error page is displayed.
>> >>
>> >> Could anyone help me please?
>> >>
>> >> Thank you very much
>> >> Andres
>> >>
>> >
>> > Your port 80 vhost redirects users with protocol https to your port 8443
>> > vhost.
>> > Your port 8433 vhost is not configured for SSL.
>> > Your browser attempts to talk SSL to a non SSL vhost.
>> > Hilarity ensues.
>> >
>> > Cheers
>> >
>> > Tom
>> >
>> > ---------------------------------------------------------------------
>> > The official User-To-User support forum of the Apache HTTP Server
>> > Project.
>> > See <URL:http://httpd.apache.org/userslist.html> for more info.
>> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> > " from the digest: users-digest-unsubscribe@httpd.apache.org
>> > For additional commands, e-mail: users-help@httpd.apache.org
>> >
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Igor Cicimov <ic...@gmail.com>.
What is in the error file dude not the access one? Since you are proxying
to https://192.168.112.57 do you have ssl enabled on that server? What do
you see in its log file?
Since you said http proxying works i suspect you don't have ssl configured
on the backend 192.168.112.57.
On Fri, Feb 17, 2012 at 8:57 PM, Andres Aguado <an...@gmail.com> wrote:
> Sorry Tom, here is an important piece of httpd-ssl.conf
>
> SSLEngine on #Behind proxypass sentences
> SSLCertificateFile "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\conf\ssl\server.crt"
> SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\conf\ssl\server.key"
>
> .crt and .key files has been created and are present in specified directory
>
> Actuallly, redirect to https is disabled, and i'm not connecting to
> http, i'm connecting to https://ipreverseproxy:8443 directly.
>
> Regards
> Andres
>
> 2012/2/17 Tom Evans <te...@googlemail.com>:
> > On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com>
> wrote:
> >> Hi all, i'd like to expose my problem because i'm going crazy, and if
> >> anyone could help me it'll be very appreciated.
> >>
> >> Well, I've an apache 2.2 server over win2k8, and i want to configure
> >> it as reverse proxy to send request to backend Websphere server
> >>
> >> So, my httpd.conf file is written like this:
> >>
> >> NameVirtualHost *:80
> >> <VirtualHost *:80>
> >> DocumentRoot "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\htdocs\my_example"
> >> ServerName www.my_example.es:80
> >> ServerRoot "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2"
> >> DirectoryIndex index.html
> >> Redirect / https://www.my_example.es:8443
> >> ErrorLog "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\logs\error.log"
> >> TransferLog "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\logs\access.log"
> >>
> >> ProxyRequests Off
> >> </VirtualHost>
> >>
> >> And i've configured virtual host on 8443 in httpd-ssl.conf like this:
> >>
> >> <VirtualHost _default_:8443>
> >> DocumentRoot "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\htdocs\my_example"
> >> DirectoryIndex index2.html
> >> ServerName www.my_example.es:8443
> >> ServerAdmin admin@my_example.es
> >> ErrorLog "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\logs\error.log"
> >> TransferLog "C:\Program Files (x86)\Apache Software
> >> Foundation\Apache2.2\logs\access.log"
> >>
> >> ProxyRequests Off
> >> ProxyPreserveHost On
> >> ProxyPass / https://192.168.112.57
> >> ProxyPassReverse / https://192.168.112.57
> >> </VirtualHost>
> >>
> >> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
> >> But this configuration is not working.
> >>
> >> If i comment both proxypass sentences and try, it connects to local
> >> index.html page, but if i enable proxypass sentences, it tries to
> >> connect, typical website certificate error (continue to this site)
> >> appears in iexplorer and internal server error page is displayed.
> >>
> >> Could anyone help me please?
> >>
> >> Thank you very much
> >> Andres
> >>
> >
> > Your port 80 vhost redirects users with protocol https to your port 8443
> vhost.
> > Your port 8433 vhost is not configured for SSL.
> > Your browser attempts to talk SSL to a non SSL vhost.
> > Hilarity ensues.
> >
> > Cheers
> >
> > Tom
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Sorry Tom, here is an important piece of httpd-ssl.conf
SSLEngine on #Behind proxypass sentences
SSLCertificateFile "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\conf\ssl\server.crt"
SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software
Foundation\Apache2.2\conf\ssl\server.key"
.crt and .key files has been created and are present in specified directory
Actuallly, redirect to https is disabled, and i'm not connecting to
http, i'm connecting to https://ipreverseproxy:8443 directly.
Regards
Andres
2012/2/17 Tom Evans <te...@googlemail.com>:
> On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com> wrote:
>> Hi all, i'd like to expose my problem because i'm going crazy, and if
>> anyone could help me it'll be very appreciated.
>>
>> Well, I've an apache 2.2 server over win2k8, and i want to configure
>> it as reverse proxy to send request to backend Websphere server
>>
>> So, my httpd.conf file is written like this:
>>
>> NameVirtualHost *:80
>> <VirtualHost *:80>
>> DocumentRoot "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\htdocs\my_example"
>> ServerName www.my_example.es:80
>> ServerRoot "C:\Program Files (x86)\Apache Software Foundation\Apache2.2"
>> DirectoryIndex index.html
>> Redirect / https://www.my_example.es:8443
>> ErrorLog "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\logs\error.log"
>> TransferLog "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\logs\access.log"
>>
>> ProxyRequests Off
>> </VirtualHost>
>>
>> And i've configured virtual host on 8443 in httpd-ssl.conf like this:
>>
>> <VirtualHost _default_:8443>
>> DocumentRoot "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\htdocs\my_example"
>> DirectoryIndex index2.html
>> ServerName www.my_example.es:8443
>> ServerAdmin admin@my_example.es
>> ErrorLog "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\logs\error.log"
>> TransferLog "C:\Program Files (x86)\Apache Software
>> Foundation\Apache2.2\logs\access.log"
>>
>> ProxyRequests Off
>> ProxyPreserveHost On
>> ProxyPass / https://192.168.112.57
>> ProxyPassReverse / https://192.168.112.57
>> </VirtualHost>
>>
>> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
>> But this configuration is not working.
>>
>> If i comment both proxypass sentences and try, it connects to local
>> index.html page, but if i enable proxypass sentences, it tries to
>> connect, typical website certificate error (continue to this site)
>> appears in iexplorer and internal server error page is displayed.
>>
>> Could anyone help me please?
>>
>> Thank you very much
>> Andres
>>
>
> Your port 80 vhost redirects users with protocol https to your port 8443 vhost.
> Your port 8433 vhost is not configured for SSL.
> Your browser attempts to talk SSL to a non SSL vhost.
> Hilarity ensues.
>
> Cheers
>
> Tom
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Tom Evans <te...@googlemail.com>.
On Thu, Feb 16, 2012 at 2:31 PM, Andres Aguado <an...@gmail.com> wrote:
> Hi all, i'd like to expose my problem because i'm going crazy, and if
> anyone could help me it'll be very appreciated.
>
> Well, I've an apache 2.2 server over win2k8, and i want to configure
> it as reverse proxy to send request to backend Websphere server
>
> So, my httpd.conf file is written like this:
>
> NameVirtualHost *:80
> <VirtualHost *:80>
> DocumentRoot "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\htdocs\my_example"
> ServerName www.my_example.es:80
> ServerRoot "C:\Program Files (x86)\Apache Software Foundation\Apache2.2"
> DirectoryIndex index.html
> Redirect / https://www.my_example.es:8443
> ErrorLog "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\logs\error.log"
> TransferLog "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\logs\access.log"
>
> ProxyRequests Off
> </VirtualHost>
>
> And i've configured virtual host on 8443 in httpd-ssl.conf like this:
>
> <VirtualHost _default_:8443>
> DocumentRoot "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\htdocs\my_example"
> DirectoryIndex index2.html
> ServerName www.my_example.es:8443
> ServerAdmin admin@my_example.es
> ErrorLog "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\logs\error.log"
> TransferLog "C:\Program Files (x86)\Apache Software
> Foundation\Apache2.2\logs\access.log"
>
> ProxyRequests Off
> ProxyPreserveHost On
> ProxyPass / https://192.168.112.57
> ProxyPassReverse / https://192.168.112.57
> </VirtualHost>
>
> Proxy modules enabled are mod_proxy.so and mod_proxy_http.so
> But this configuration is not working.
>
> If i comment both proxypass sentences and try, it connects to local
> index.html page, but if i enable proxypass sentences, it tries to
> connect, typical website certificate error (continue to this site)
> appears in iexplorer and internal server error page is displayed.
>
> Could anyone help me please?
>
> Thank you very much
> Andres
>
Your port 80 vhost redirects users with protocol https to your port 8443 vhost.
Your port 8433 vhost is not configured for SSL.
Your browser attempts to talk SSL to a non SSL vhost.
Hilarity ensues.
Cheers
Tom
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Sorry Hridayesh, yesterday i was a bit locked and i forgot to explain
the internal server error
2012/2/17 Andres Aguado <an...@gmail.com>:
> Hi Igor, it seems that reverse proxy is malfunctioning for https. If i
> proxypass to http link of destination app server it works fine, but
> when i try to proxypass to https link, my web explorer shows "500
> internal server error - The server encountered an internal error or
> misconfiguration and was unable to complete your request", although
> this links is accesible directly (but not through the reverse proxy)
>
> About logs, here is access.log
> mymachineip - - [17/Feb/2012:10:30:28 +0100] "GET / HTTP/1.1" 500 541
>
> Thanks again
> Andres
>
> 2012/2/17 Igor Cicimov <ic...@gmail.com>:
>> What doesnt work? What link are you trying to access? What errors are in the
>> log files?
>>
>> On Feb 17, 2012 8:30 PM, "Andres Aguado" <an...@gmail.com> wrote:
>>>
>>> Hi Hridayesh, and thanks for your response, but it doesn't work in
>>> firefox. The same error is displayed.
>>>
>>> Other idea?
>>> Thanks for your help
>>> Regads
>>> Andres
>>>
>>> 2012/2/17 Hridayesh Gupta <hr...@gmail.com>:
>>> > It looks like you are trying to setup reverse proxy in https(port 443).
>>> > Which is working but browser is not able to verify certificate. I
>>> > believe if
>>> > you try this setup under http (port 80) it will work.
>>> > Certificate might be signed by https://192.168.112.57 correctly but it
>>> > in
>>> > that case it would be signed for 192.168.112.57 domain. proxying it will
>>> > lead in to certificate error.
>>> > In firefox browser you have option to ignore certificate error. If you
>>> > try
>>> > in in firefox and ignore certificate verification, it should work.
>>> >
>>> >
>>> > On Thu, Feb 16, 2012 at 8:01 PM, Andres Aguado <an...@gmail.com>
>>> > wrote:
>>> >>
>>> >> if i enable proxypass sentences, it tries to
>>> >> connect, typical website certif
>>> >
>>> >
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Hi Igor, it seems that reverse proxy is malfunctioning for https. If i
proxypass to http link of destination app server it works fine, but
when i try to proxypass to https link, my web explorer shows "500
internal server error - The server encountered an internal error or
misconfiguration and was unable to complete your request", although
this links is accesible directly (but not through the reverse proxy)
About logs, here is access.log
mymachineip - - [17/Feb/2012:10:30:28 +0100] "GET / HTTP/1.1" 500 541
Thanks again
Andres
2012/2/17 Igor Cicimov <ic...@gmail.com>:
> What doesnt work? What link are you trying to access? What errors are in the
> log files?
>
> On Feb 17, 2012 8:30 PM, "Andres Aguado" <an...@gmail.com> wrote:
>>
>> Hi Hridayesh, and thanks for your response, but it doesn't work in
>> firefox. The same error is displayed.
>>
>> Other idea?
>> Thanks for your help
>> Regads
>> Andres
>>
>> 2012/2/17 Hridayesh Gupta <hr...@gmail.com>:
>> > It looks like you are trying to setup reverse proxy in https(port 443).
>> > Which is working but browser is not able to verify certificate. I
>> > believe if
>> > you try this setup under http (port 80) it will work.
>> > Certificate might be signed by https://192.168.112.57 correctly but it
>> > in
>> > that case it would be signed for 192.168.112.57 domain. proxying it will
>> > lead in to certificate error.
>> > In firefox browser you have option to ignore certificate error. If you
>> > try
>> > in in firefox and ignore certificate verification, it should work.
>> >
>> >
>> > On Thu, Feb 16, 2012 at 8:01 PM, Andres Aguado <an...@gmail.com>
>> > wrote:
>> >>
>> >> if i enable proxypass sentences, it tries to
>> >> connect, typical website certif
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Hridayesh Gupta <hr...@gmail.com>.
In firefox it will show that This Connection is Untrusted, but in the last
there is option "I understand the risk" Clicking on that will show a button
to add exception. After adding exception you can continue.
Remember it will work on your system only after adding exception. Every one
who wants to open this website should add exception. If you dont want this
error, you should contact signing authorities to get valid certificate and
install on server.
On Fri, Feb 17, 2012 at 3:04 PM, Igor Cicimov <ic...@gmail.com> wrote:
> What doesnt work? What link are you trying to access? What errors are in
> the log files?
> On Feb 17, 2012 8:30 PM, "Andres Aguado" <an...@gmail.com> wrote:
>
>> Hi Hridayesh, and thanks for your response, but it doesn't work in
>> firefox. The same error is displayed.
>>
>> Other idea?
>> Thanks for your help
>> Regads
>> Andres
>>
>> 2012/2/17 Hridayesh Gupta <hr...@gmail.com>:
>> > It looks like you are trying to setup reverse proxy in https(port 443).
>> > Which is working but browser is not able to verify certificate. I
>> believe if
>> > you try this setup under http (port 80) it will work.
>> > Certificate might be signed by https://192.168.112.57 correctly but it
>> in
>> > that case it would be signed for 192.168.112.57 domain. proxying it will
>> > lead in to certificate error.
>> > In firefox browser you have option to ignore certificate error. If you
>> try
>> > in in firefox and ignore certificate verification, it should work.
>> >
>> >
>> > On Thu, Feb 16, 2012 at 8:01 PM, Andres Aguado <an...@gmail.com>
>> wrote:
>> >>
>> >> if i enable proxypass sentences, it tries to
>> >> connect, typical website certif
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
Re: [users@httpd] Reverse proxy problem
Posted by Igor Cicimov <ic...@gmail.com>.
What doesnt work? What link are you trying to access? What errors are in
the log files?
On Feb 17, 2012 8:30 PM, "Andres Aguado" <an...@gmail.com> wrote:
> Hi Hridayesh, and thanks for your response, but it doesn't work in
> firefox. The same error is displayed.
>
> Other idea?
> Thanks for your help
> Regads
> Andres
>
> 2012/2/17 Hridayesh Gupta <hr...@gmail.com>:
> > It looks like you are trying to setup reverse proxy in https(port 443).
> > Which is working but browser is not able to verify certificate. I
> believe if
> > you try this setup under http (port 80) it will work.
> > Certificate might be signed by https://192.168.112.57 correctly but it
> in
> > that case it would be signed for 192.168.112.57 domain. proxying it will
> > lead in to certificate error.
> > In firefox browser you have option to ignore certificate error. If you
> try
> > in in firefox and ignore certificate verification, it should work.
> >
> >
> > On Thu, Feb 16, 2012 at 8:01 PM, Andres Aguado <an...@gmail.com>
> wrote:
> >>
> >> if i enable proxypass sentences, it tries to
> >> connect, typical website certif
> >
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] Reverse proxy problem
Posted by Andres Aguado <an...@gmail.com>.
Hi Hridayesh, and thanks for your response, but it doesn't work in
firefox. The same error is displayed.
Other idea?
Thanks for your help
Regads
Andres
2012/2/17 Hridayesh Gupta <hr...@gmail.com>:
> It looks like you are trying to setup reverse proxy in https(port 443).
> Which is working but browser is not able to verify certificate. I believe if
> you try this setup under http (port 80) it will work.
> Certificate might be signed by https://192.168.112.57 correctly but it in
> that case it would be signed for 192.168.112.57 domain. proxying it will
> lead in to certificate error.
> In firefox browser you have option to ignore certificate error. If you try
> in in firefox and ignore certificate verification, it should work.
>
>
> On Thu, Feb 16, 2012 at 8:01 PM, Andres Aguado <an...@gmail.com> wrote:
>>
>> if i enable proxypass sentences, it tries to
>> connect, typical website certif
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Reverse proxy problem
Posted by Hridayesh Gupta <hr...@gmail.com>.
It looks like you are trying to setup reverse proxy in https(port 443).
Which is working but browser is not able to verify certificate. I believe
if you try this setup under http (port 80) it will work.
Certificate might be signed by https://192.168.112.57 correctly but it in
that case it would be signed for 192.168.112.57 domain. proxying it will
lead in to certificate error.
In firefox browser you have option to ignore certificate error. If you try
in in firefox and ignore certificate verification, it should work.
On Thu, Feb 16, 2012 at 8:01 PM, Andres Aguado <an...@gmail.com> wrote:
> if i enable proxypass sentences, it tries to
> connect, typical website certif
>